Paper 2014/666

Functional Encryption Without Obfuscation

Sanjam Garg, Craig Gentry, Shai Halevi, and Mark Zhandry


Previously known functional encryption (FE) schemes for general circuits relied on indistinguishability obfuscation, which in turn either relies on an exponential number of assumptions (basically, one per circuit), or a polynomial set of assumptions, but with an exponential loss in the security reduction. Additionally these schemes are proved in the weaker selective security model, where the adversary is forced to specify its target before seeing the public parameters. For these constructions, full security can be obtained but at the cost of an exponential loss in the security reduction. In this work, we overcome the above limitations and realize a fully secure functional encryption scheme without using indistinguishability obfuscation. Specifically the security of our scheme relies only on the polynomial hardness of simple assumptions on multilinear maps. As a separate technical contribution of independent interest, we show how to add to existing graded encoding schemes a new \emph{extension function}, that can be though of as dynamically introducing new encoding levels.

Available format(s)
Public-key cryptography
Publication info
Preprint. Minor revision.
functional encryptiongraded encodingsadaptive security
Contact author(s)
mzhandry @ stanford edu
2015-12-03: last of 3 revisions
2014-08-28: received
See all versions
Short URL
Creative Commons Attribution


      author = {Sanjam Garg and Craig Gentry and Shai Halevi and Mark Zhandry},
      title = {Functional Encryption Without Obfuscation},
      howpublished = {Cryptology ePrint Archive, Paper 2014/666},
      year = {2014},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.